Whether we want to talk about it or not, every open source system can be targeted by hackers. It is not unheard of to have your WordPress or your Drupal website hacked, however, the risk can be reduced if you keep your website updated. This is why a monthly maintenance program is an essential part of your online strategy.
UPDATING YOUR DRUPAL AND WORDPRESS WEBSITE IS IMPORTANT
There are some very important things you should do reduce the chances of being hacked. Regular upgrades of the Drupal or Wordpress core, their plugins/modules, regular backups and security scans should be top of the list; all of these essentials are covered by your monthly support contract and are carried out by experienced engineers and developers.
Content Management Systems
Let’s take a look at the structure of content management systems such as Wordpress and Drupal so you can better understand how the support & maintenance process works:
Both Wordpress and Drupal have a ‘core’. The core is the file system and database structure that defines the base of the website and the website is essentially built around the core. The core is maintained by community contributors working in specific groups or areas, to consistently improve or add functionality, improve usability and to identify security risks and provide essential ‘security fixes’ and updates.
There are two very different types of update:
Security updates are released as and when a security issue is located in part of the code that constitutes the core. Upon release of the security update, an advisory is issued that the update is available and the system should be updated as soon as possible.
Your monthly support contract will ensure that all core security updates are applied to your website within 24 to 48 hours of release.
General updates are non-critical updates and consist of feature updates, improvements and enhancements to the functionality of the core system. It is best practice to install these updates as they are released, this will ensure that your website is running on the highest quality code base available.
Your monthly support contract will ensure that all general core updates are applied to your website within 7 to 14 days of release.
Contributed Modules & Plugins
Both Wordpress and Drupal have many modules and plugins available. These modules are installed on top of the core system to provide additional functionality - both essential and desirable.
The same update and checking processes apply to contributed modules as we saw with the core updates. There are both security updates and general updates issued for all contributed modules and plugins on a regular basis, they require installation in the same way as the core updates highlighted previously.
Your monthly support contract will ensure that all security and general updates are applied to your website in a timely manner to the same schedule as the core updates.
Both Wordpress and Drupal have many themes available. A theme is installed on top of the core and contributed modules - it provides the visible portion of the website, basically what everyone sees in their browser.
Functionality updates and Security updates are also occasionally released for themes and these will also require installation as and when released.
Your monthly support contract will ensure that all security updates are applied to the theme when released. General updates may not always be able to be applied due to the theme being customised but this will be reviewed and if possible general updates will also be applied.
Cloning & Backups
When on a monthly support contract a clone of your website is kept on our development servers. The clone is an identical physical copy of your website which is only visible to us internally for testing and backup purposes.
The clone serves a number of purposes:
All updates, both security and general, are firstly installed and tested on the cloned installation to ensure no negative impact on the website functionality or design. Once tested the updates are then applied to your website. This ensures that your website will experience the minimum amount of down-time possible during the update process.
The clone installation is always fully up to date and as such provides a complete physical backup of your website. A fully up to date backup of your website is vitally important should your website be hacked or compromised, enabling us to fully restore your website in the shortest time possible.
Backing up and cloning of the file system is only one aspect of backing up your website, it is just as important is to back up your database. The files are the engine of your website, making it run - the database is the storage system and contains all of the data and information from the website - backing up your database is vitally important.
A backup module is installed on the website and regular backups are scheduled to run daily with a physical copy of the database stored on a remote server.
With daily backups being taken, this means should the worst happen and your website is hacked or compromised, the backed up database is never more than 24hrs old - minimising the potential loss of data.
Hacking – What this can mean to your business
Let’s look at a number of possible outcomes should your website be hacked or compromised:
Your emails start bouncing
This is one of the worst things that can happen to your business when your website is hacked, it works like this:
Hackers break into your website and install scripts that send out thousands of emails from your IP address.
People report them as SPAM.
SPAM lists like barracudacentral.org and spamhaus.org see the reports and add you to their block lists.
Sometimes you may not even know your site has been hacked, you’ll just notice people aren’t getting your emails so business critical communications fail. If you have an agency and are hosting websites for others, the ban may even affect your clients’ domains.
Bad content is added to your website
If your site is hacked, the hackers may gain access to one of your theme or module files. When this happens, they can easily add things to the site.
The impact can range from annoying to devastating, either way it is damaging for your business. Examples include:
Sites that have a lot of (bad) invisible code added. This code is visible to crawlers like Google, invisible to the human eye, can slow the site down and ultimately, get your site added to blacklists.
Sites that have unwelcome links and content added into the footer on every page.
Sites that have been completely replaced with new content (inappropriate or offensive text and images).
If this happens, you may not know because the content may not always be visible.
Your website slows down or crashes
This can happen for a variety of reasons.
One reason may be that the hacker has added so much bad code that the site slows down. Another is that the hacker has added your site into a network of sites or a spam email network where traffic is sent to the site and re-directed.
Either way, this is not good. Hopefully, you will find out about it fairly quickly (assuming people are visiting your site regularly).
You receive a huge bandwidth bill
With a large number of Internet Service Providers, bandwidth is limited and very expensive. It’s not uncommon for hosts to only provide you with a certain amount of bandwidth and when you go over, it is very expensive.
Bandwidth is used when people visit your site or send you emails. When your site is hacked, your bandwidth charges can potentially go through the roof from:
Large files being added to your site, which increase the amount of data downloaded every time you have a visitor.
Malicious scripts added to your server that send out hundreds of thousands of emails that add to your bandwidth usage.
Huge traffic spikes in the case where your site has been added to a network.
This can happen very quickly, and unless your host is in the habit of warning its customers when there are spikes, you may not know before it’s too late.
Visits to your website [traffic] plummet
If your site is hacked you might notice that your traffic disappears. This can happen for a few reasons:
If the site has crashed or is slow, people will drop off.
If Google has blacklisted your site, people will see warnings when they search for you in Google and they won’t click through.
Your traffic is re-directed automatically to another site – very common.
Traffic will bounce as soon as they see anything unusual on your site.
Some people don’t actively monitor their website traffic, so it may not be obvious that this has happened – always monitor your website traffic regularly.
Your website traffic surges
A big traffic surge is also possible. In point 3 above, we mentioned the situation where your site is added as part of a re-direct network. This could result in huge increases to your traffic in a short time period and as mentioned in point 4, your business will pay the cost in bandwidth.
There’s no benefit to this traffic, it will ruin your analytics reporting, slow your site and increase your chance of being added to a blacklist. Not to mention potentially crashing your server. Either way it kills the site experience for users and being blacklisted is going to result in less targeted traffic and a tarnished reputation for your business.
Your website disappears
Sometimes when a site is hacked, a hacker can get into the file system and remove the entire website from the server. For a brochure website this could be embarrassing and costly, and your online presence will be gone until the website is rebuilt. However for an ecommerce based business, this could potentially destroy your business should in either case, a backup not be available.
It is even possible that the hacker could remove every single website on a server in an extreme case. If your host backs up their sites to the same server you can imagine how devastating that would be.
As we can see from the above information, just having a website built and then doing nothing to support and maintain it, is a recipe for disaster that could potentially damage your business in many ways.
Think of it in the same way you look after your car; your car is a substantial investment, as is your website, but without regular servicing and maintenance your investment may be short lived and if you do not lock your car - it may get hacked!